The invention relates to a storage device having a security function, a host apparatus into which the storage device can be inserted, and the host apparatus having the storage device. More particularly, the invention relates to a memory card having a flash memory chip and a controller, an information processing apparatus into which the memory card can be inserted, and the information processing apparatus having the memory card.
An IC card is constructed by embedding an IC (Integrated Circuit) chip into a plastic card substrate and has external terminals of the IC chip on its surface. As external terminals of the IC chip, there are a power terminal, a clock terminal, data input/output terminals, and the like. A connected apparatus directly supplies a power source and a drive clock to the IC chip from the external terminals, thereby making the IC chip operative. The IC card exchanges information with the connected apparatus such as a terminal device or the like by transmitting and receiving an electric signal to/from the connected apparatus via the external terminals. As a result of the information exchange, the IC card sends a calculation result and stored information and changes the stored information. On the basis of specifications of those operations, the IC card can have a function for executing a security process such as protection of secret data, personal identification, and the like. The IC card is used as a user device for the personal identification in a system in which security of secret information in a credit settlement, banking, or the like is necessary.
JP-A-2000-242750 discloses a personal identification system comprising: a personal digital assistant which is tamper-resistant and in which registration information has been stored; and a personal identification apparatus which is tamper-resistant and can perform personal identification on the basis of the registration information in the personal digital assistant and input information which is newly inputted when communication with the personal digital assistant can be made, wherein the personal digital assistant is provided with encrypting means for encrypting the registration information and sending the obtained cipher text to the personal identification apparatus when the personal identification is made, and the personal identification apparatus is provided with decrypting means for obtaining the registration information by decrypting the cipher text sent from the encrypting means and collating means for collating the registration information obtained by the decrypting means with the input information.
JP-A-2000-338868 discloses a first method of issuing public key certificates in which: among a plurality of basic information for public key certificates formed on the basis of predetermined applying information, signature data for the one format is formed with respect to the basic information for the one format as a target; a public key certificate for another format is formed by including signature data for the other format with respect to the formed basic information and signature data and the basic information for that other format as targets; the basic information for the one format, the signature data for the one format, the basic information for that other format, and the signature data for that other format are obtained from the formed public key certificates; and a public key certificate for the one format is formed on the basis of the obtained basic information and signature data. JP-A-2000-338868 also discloses a second method of issuing public key certificates in which: signature data is formed with respect to a coupling hash value, as a target, in which basic information of a plurality of formats for public key certificates formed on the basis of predetermined applying information are arranged in a predetermined order and hash values of the basic information are coupled; and a public key certificate is formed by including the basic information corresponding to a format which can be used on the applicant side, the hash values formed from the basic information of the formats other than that format, and the formed signature data.
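The second issuing method described above can be sketched as follows. This is an added example, not code from this document or from JP-A-2000-338868; the format names, the use of SHA-256, hashing the coupled value before signing, and the toy textbook-RSA key are all assumptions made so that it runs offline.

```python
import hashlib

# Constructed toy RSA key built from two Mersenne primes. Textbook RSA with no
# padding stands in for the issuer's signature; it is not a secure scheme.
P, Q, E = 2**127 - 1, 2**521 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

# Hypothetical format names, listed in the "predetermined order".
FORMAT_ORDER = ["fmt_a", "fmt_b", "fmt_c"]

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def coupled_digest(hashes: dict) -> int:
    """Couple the per-format hashes in FORMAT_ORDER and digest the result."""
    coupled = b"".join(hashes[f] for f in FORMAT_ORDER)
    return int.from_bytes(h(coupled), "big")

def issue(basic_info: dict, usable: str) -> dict:
    """Issuer: sign the coupling hash once; ship one format plus the other hashes."""
    hashes = {f: h(basic_info[f]) for f in FORMAT_ORDER}
    signature = pow(coupled_digest(hashes), D, N)
    others = {f: hashes[f] for f in FORMAT_ORDER if f != usable}
    return {"format": usable, "basic_info": basic_info[usable],
            "other_hashes": others, "signature": signature}

def verify(cert: dict) -> bool:
    """Relying party: rebuild the coupling hash from what the certificate carries."""
    hashes = dict(cert["other_hashes"])
    hashes[cert["format"]] = h(cert["basic_info"])
    if set(hashes) != set(FORMAT_ORDER):
        return False  # a format's hash is missing or unknown
    return pow(cert["signature"], E, N) == coupled_digest(hashes)

# Constructed sample basic information: the same subject encoded in three formats.
BASIC_INFO = {
    "fmt_a": b"subject=alice;key=01ab;encoding=A",
    "fmt_b": b"<cert subject='alice' key='01ab'/>",
    "fmt_c": b"alice|01ab|C",
}

if __name__ == "__main__":
    for fmt in FORMAT_ORDER:
        print(fmt, verify(issue(BASIC_INFO, fmt)))
```

Because every format's certificate carries the same signature over the same coupled value, the issuer signs once and a relying party needs to parse only the format it understands.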
JP-A-2001-357365 discloses a data storage device comprising: input/output control means for controlling an input and an output of data to/from an information processing apparatus; first storage control means for controlling storage of the data corresponding to a plurality of services; and second storage control means for controlling storage of a first service ID corresponding to a first service among the plurality of services and a second service ID corresponding to a second service, among the plurality of services, in which the input/output of the data are permitted in the case where the input/output of the data regarding the first service are controlled by the input/output control means.
JP-A-2002-024773 discloses an IC card service addition permitting apparatus comprising: service addition information storing means for holding service addition information regarding an IC card; and service addition permitting means for receiving service addition request data to the IC card and encrypted IC card issuer data recorded in the IC card, authenticating the encrypted IC card issuer data by key information given in order to confirm an issuer of the IC card, sending service addition permission data when the issuer of the IC card is confirmed, writing information regarding the permitted service addition to the service addition information storing means, and sending service addition inhibition data when the issuer of the IC card is not confirmed.
According to the conventional techniques, since all security processes are executed by the IC card chip, the processing time is long. That is, since the processing ability of the CPU of the IC card chip is lower than that of the CPU of a memory card controller, those security processes that are executed by software take time. If, instead, all of the security processes are executed by the controller of the memory card, then since the tamper resistance of the controller is lower than that of the IC card chip, the controller is easily subjected to attack from the outside, and the safety of the security processes cannot be assured.